|
|
|
|
Bookmark this on Delicious
Share on Facebook
 Slashdot It!
Digg  ldap_mod_replace
Replace attribute values with new ones
(PHP 4, PHP 5)
Code Examples / Notes » ldap_mod_replacechris
You can use arrays for multiple attributes example: $entry[mail] = array("newmail@aelana.com","altnewmail@aelana.com"); $results = ldap_mod_add($ldapConnID,$dn, $entry); or as i did for creating anew user: $adduserAD["objectClass"] = array("top","person","organizationalPerson","user"); eelbait
Using ldap_mod_replace to change a user's password will not set the password using a hashed value, but rather in clear text. There doesn't seem to be a way to use the various password-change protocols (e.g. extended operation) using this API. You might be better off using the ldappasswd command-line tool to perform this function.
joshuastarr
To modify an attribute with a single value: $entry[mail] = "newmail@aelana.com"; $results = ldap_mod_add($ldapConnID,$dn, $entry); To modify an attribute with multiple values: $entry[mail][] = "newmail@aelana.com"; $entry[mail][] = "altnewmail@aelana.com"; $results = ldap_mod_add($ldapConnID,$dn, $entry); To modify multiple attributes $entry[mail][] = "newmail@aelana.com"; $entry[mail][] = "altnewmail@aelana.com"; $entry[c] = "US"; $results = ldap_mod_add($ldapConnID,$dn, $entry); 19-jul-2002 07:32
Sometime,we cannot replace ldap_mod_replace function with ldap_mod_del function and ldap_mod_add fuction .We don't have permission to delete an attribute but we can replace it.
oyvindmo
ldap_mod_replace() and ldap_modify() are _exactly_ the same. So, the comment that ldap_mod_replace() "performs the modification at the attribute level as opposed to the object level", has no root in reality.
ondrej
in openldap 2.0.x you can use method with mod_del/mod_add only if the attribute have defined EQUALITY rule.
erwann
If you do not wish to set up SSL on your active directory, and you are running on Windows, you can use COM and ADSI to set the new password for a user, or to active a user: <?PHP // to set a user password // server is the ldap server // newuser_dn is the full dn of the user you want to modify // newuser_password is the password you wish to set for the user $ADSI = new COM("LDAP:"); $user = $ADSI->OpenDSObject("LDAP://".$server."/".$newuser_dn, $adminuser, $adminpassword, 1); $user->SetPassword($newuser_password); $user->SetInfo(); // to activate a user $ADSI = new COM("LDAP:"); $user = $ADSI->OpenDSObject("LDAP://".$server."/".$newuser_dn, $adminuser, $adminpassword, 1); $user->AccountDisabled = false; $user->SetInfo(); ?> yife
if i want to replace the special attribute but i don't replace other attribute ,i just use "ldap_mod_del" and "ldap_mod_add" ,the function seems to that
mike dot rosile
Here is some great information from the OpenLDAP FAQs regarding changing a userPassword attribute with PHP: http://www.openldap.org/faq/data/cache/347.html $userpassword = "{SHA}" . base64_encode( pack( "H*", sha1( $pass ) ) ); frederic dot jacquot
Changing a user password in Active Directory. Securely connect (using ldaps) to the Active Directory and bind using an administrator account. In this example, $userDn contains the dn of the user I want to modify, and $ad is the Active Directory ldaps connection) $newPassword = "MyPassword"; $newPassword = "\"" . $newPassword . "\""; $len = strlen($newPassword); for ($i = 0; $i < $len; $i++) $newPassw .= "{$newPassword{$i}}\000"; $newPassword = $newPassw; $userdata["unicodepwd"] = $newPassword; $result = ldap_mod_replace($ad, $userDn, $userdata); if ($result) echo "User modified!" ; else echo "There was a problem!"; I found it hard to get a proper encoding for the unicodepwd attribute so this piece of code might help you ;-) aaronfulton
Before you modify values in your ldap directory, first make sure that you have permission to do so. In openldap adding the following acl in slap.conf will allow the user to modify their own userpassword. access to attr=userPassword by self write by anonymous auth by * none |
Change Language
ldap_8859_to_t61 ldap_add ldap_bind ldap_close ldap_compare ldap_connect ldap_count_entries ldap_delete ldap_dn2ufn ldap_err2str ldap_errno ldap_error ldap_explode_dn ldap_first_attribute ldap_first_entry ldap_first_reference ldap_free_result ldap_get_attributes ldap_get_dn ldap_get_entries ldap_get_option ldap_get_values_len ldap_get_values ldap_list ldap_mod_add ldap_mod_del ldap_mod_replace ldap_modify ldap_next_attribute ldap_next_entry ldap_next_reference ldap_parse_reference ldap_parse_result ldap_read ldap_rename ldap_sasl_bind ldap_search ldap_set_option ldap_set_rebind_proc ldap_sort ldap_start_tls ldap_t61_to_8859 ldap_unbind |
